nixos/nginx: allow overriding fastcgi params

By default in Nginx, if you want to override a single fastcgi_param,
you have to override all of them.  This is less of a big deal if
you're editing the Nginx configuration directly, but when you're
generating the Nginx configuration with Nix it can be very annoying to
bloat your configuration repeating the default values of FastCGI
parameters every time.

This patch adds a fastcgiParams option to Nginx locations.  If any
parameters are set through this, all the default values will be
included as well, so only the ones that are changing need to be
supplied.  There's no way to use fastcgiParams to actually override
all parameters if that's what you want, but I think that's a niche use
case and it's still possible using extraConfig, which up until now was
the only option

Nginx allows the fastcgi_param directive in http and server scopes as
well as location, but here I only support location.  It would be
possible to support the others, but I don't think it's worth it.  It
would be a possible future enhancement if somebody has a need for it.
This commit is contained in:
Alyssa Ross 2021-01-02 08:55:12 +00:00
parent 4a6916aba3
commit 178ec8974f
2 changed files with 41 additions and 0 deletions

View file

@ -27,6 +27,33 @@ let
) cfg.virtualHosts;
enableIPv6 = config.networking.enableIPv6;
defaultFastcgiParams = {
SCRIPT_FILENAME = "$document_root$fastcgi_script_name";
QUERY_STRING = "$query_string";
REQUEST_METHOD = "$request_method";
CONTENT_TYPE = "$content_type";
CONTENT_LENGTH = "$content_length";
SCRIPT_NAME = "$fastcgi_script_name";
REQUEST_URI = "$request_uri";
DOCUMENT_URI = "$document_uri";
DOCUMENT_ROOT = "$document_root";
SERVER_PROTOCOL = "$server_protocol";
REQUEST_SCHEME = "$scheme";
HTTPS = "$https if_not_empty";
GATEWAY_INTERFACE = "CGI/1.1";
SERVER_SOFTWARE = "nginx/$nginx_version";
REMOTE_ADDR = "$remote_addr";
REMOTE_PORT = "$remote_port";
SERVER_ADDR = "$server_addr";
SERVER_PORT = "$server_port";
SERVER_NAME = "$server_name";
REDIRECT_STATUS = "200";
};
recommendedProxyConfig = pkgs.writeText "nginx-recommended-proxy-headers.conf" ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
@ -283,6 +310,10 @@ let
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
''}
${concatStringsSep "\n"
(mapAttrsToList (n: v: ''fastcgi_param ${n} "${v}";'')
(optionalAttrs (config.fastcgiParams != {})
(defaultFastcgiParams // config.fastcgiParams)))}
${optionalString (config.index != null) "index ${config.index};"}
${optionalString (config.tryFiles != null) "try_files ${config.tryFiles};"}
${optionalString (config.root != null) "root ${config.root};"}

View file

@ -101,6 +101,16 @@ with lib;
'';
};
fastcgiParams = mkOption {
type = types.attrsOf types.str;
default = {};
description = ''
FastCGI parameters to override. Unlike in the Nginx
configuration file, overriding only some default parameters
won't unset the default values for other parameters.
'';
};
extraConfig = mkOption {
type = types.lines;
default = "";